Berkeley CSUA MOTD:Entry 36752
Berkeley CSUA MOTD
 
WIKI | FAQ | Tech FAQ
http://csua.com/feed/
2025/04/04 [General] UID:1000 Activity:popular
4/4     

2005/3/18-19 [Computer/SW/Virus] UID:36752 Activity:nil
3/18    What's better, SpyBot or Ad-Aware?
        \_ I use Ad-Aware at work and it's fine for me. I also tested SpyBot
           and I like Ad-Aware better.
        \_ http://csua.com/?entry=36255
           http://csua.com/?entry=35035
        \_ SpyBot stopped working for me about a year ago and hasn't
           worked since (last checked 2 months ago).  (It gave up when it
           hit a certain definition.)  After googling and trying several hours
           to fix it over that year, my diagnosis was that I need to re-install
           my notebook in order for SpyBot to work again.
           Yes, I was infected once when I accidentally clicked "Yes" in IE
           for one of those spyware ActiveX installations.
           So, my opinion is Ad-aware is better.
2025/04/04 [General] UID:1000 Activity:popular
4/4     

You may also be interested in these entries...
2009/5/7-14 [Computer/HW/Laptop, Computer/SW/Virus, Computer/SW/OS/OsX] UID:52968 Activity:nil
5/7     Help, I think something's wrong with my network setting. I'd go to
        a web site, and then it would say "cannot find address". Then I'd
        reload again, occassionally 3 times, to load the page. Is this
        due to DNS being too slow, TTL setting, or something else?
        \_ windows mac or linux ?
           \_ windows (company issued laptop, no alternative)
	...
2009/4/12-20 [Computer/SW/Virus] UID:52844 Activity:nil
4/11    Is there a spyware detector that is free and can scan networked
        drives? Neither AdAware (free edition) nor SpyBot S&D have this
        feature, and I'd prefer to not pay AdAware Pro a penny until
        there really isn't any other alternative.
        \_ How about SuperAntiSpyware?
           \_ Just tried that, no luck :( They let you add remote drives
	...
2008/4/7-12 [Computer/Companies/Google] UID:49677 Activity:nil
4/7     Google searches spread spyware and hijack your PC to spread spam.
        http://www.csua.org/u/l8b
        \_ very poor understanding and description of the technical issues.
           Google isn't involved.  -tom
           \_ 'Google issued a statement saying it is helping affected
              websites fix the problem and is also developing new tools "to
	...
2008/3/4-7 [Computer/SW/Virus] UID:49325 Activity:kinda low
3/4     Hi, what's the best free anti-virus software for XP?  What about
        anti-spyware?  Currently I'm using Active Virus Shield and Spybot.
        Thanks.
        \_ I've used: avg, spybot s&d, adaware, trend micro's housecall.
           \_ Does Spybot S&D protect Firefox?  It soulds like the injection
              feature only supports IE.
	...
2007/12/15-19 [Computer/SW/OS/Windows] UID:48810 Activity:moderate
12/15   Ran through AdAware and SpyBot but computer still slow and still
        getting weird pop-ups from http://casalemedia.com. Best solution? Block
        all of these IPs in less than a minute!
        http://www.mvps.org/winhelp2002/hosts.htm
        Click on the "To view the HOSTS file in plain text form"
        and then put it in your /etc/hosts file. If using Winblows:
	...
2007/3/29-4/2 [Computer/SW/Virus] UID:46142 Activity:moderate
3/28    After almost a decade of not using windows I'm thinking about getting
        a cheap windows computer.  Security wise what are some musts?
        \_ install Linux
           \_ Haha you are still funny.
              \_ http://www.csua.berkeley.edu/~erikred/imlinux.jpg
           \_ I actually agree w/ this. Install Linux and VMWare. Then
	...
2006/10/17-18 [Health/Disease/General, Computer/SW/Virus] UID:44846 Activity:high
10/17   Some iPods shipped w/ a Windows Virus:
        http://www.apple.com/support/windowsvirus
        \- why dont more viruses delete massive amounts of data?
           it seems like if the virus writers wanted to hurt msft
           that what they should do in addition to spreading.
           it seems like viruses are still in the realm of annoying
	...
2006/10/5-7 [Computer/SW/Virus] UID:44695 Activity:nil
10/5    FYI, my gf on Tuesday went browsing for cracks using IE6, and got
        infected by adware just by viewing a web page (didn't need to click
        Yes to anything).  She was fully patched up.  SpyBot or Ad-aware
        caught it and cleaned it up after several reboots.
        \_ Browsing for cracks?
        \_ Well _duh_.  Most crack sites are really perfect vectors for
	...
2006/8/21-23 [Computer/SW/Virus] UID:44080 Activity:nil
8/21    Does spybot do real-time detection if I use Firefox in XP?  Is there a
        process in Task Manager that I can look for to make sure Spybot is
        running on my PC?  Thanks.
        \_ Spybot is marginally effective against spyware now. Get
           Process Explorer from http://sysinternals.com for something better than
           Task Manager.
	...
2006/8/14-16 [Computer/SW/Virus] UID:43994 Activity:nil
8/14    Are there any standard test spyware and test spam our there similar to
        http://eicar.com as the standard test virus for PC?  I suspect that the
        anti-spyware thing on my machine is not working.  Thx.
	...
2006/5/23-28 [Computer/Networking] UID:43157 Activity:nil
5/23    I have DSL through AT&T. The service was originally established
        through PacBell, transitioned to SBC, and now AT&T. I still have
        my original plan and never converted to a SBC Yahoo! (now AT&T
        Yahoo!) account. I noticed the price will be a lot cheaper if I
        do. Are there any drawbacks? I thought someone mentioned some
        negatives about the Yahoo! tie-in once upon a time.
	...
2006/5/8-11 [Computer/SW/Virus] UID:42977 Activity:nil
5/8     apologies if this has been asked recently: friends are asking me
        whats a good windows antivirus software and I've heard this
        thing AVG is good -- and free. anyone use this? is it good? thx
        \_ From the motd archive:
           AVG used to be good when it was the only free program around.
           Most people say that Avast! and AntiVir are better, though.
	...
Cache (431 bytes)
csua.com/?entry=36255
I am looking for something that my parents can run occasionally to try to keep their windows machine clean. I'm a BSD user so I don't deal with this type of stuff much. Thanks --jwm \_ For PC's use "spybot search & destroy" and "adAware". The best way would be to re-install M$oft, then install Firefox for them. But I switched them over to a mac about 6 months ago, which works fine for all the websites that don't suck in Safari.
Cache (8192 bytes)
csua.com/?entry=35035
htm adware" has escalated over th e past few years, the number of "anti-spywa re" scanners available on the Net has grown equally fast. At present the re are over 100 anti-spyware scanners available for download -- some for free, some for pay. Spyware and adware are themselves complex enough to prove bewildering to most av erage users, however. So confusing in fact is the threat of spyware and adware that users often have trouble disti nguishing effective anti-spywa re scanners from less effective ones. Alt hough a number of "tests" of an ti-spyware scanners have been reported o n the Net, many if not most of t hose tests are of limited value because the design, methodology, and exe cution of the tests is not fully and p ublicly documented, leaving even e xperienced users and experts to wonde r just how meaningful those tests r eally are. Still worse, some of thos e "tests" are touted by webmasters w ho are affiliates for the companies whose products were "tested." The tests documented on these pages are i ntended to partially remedy thes e several problems with our knowledge o f anti-spyware scanners and how w ell they perform. At present, there ar e three groups of tests documented here. Results Page # 4 Two substituti ons were made in the anti-spyware scanners used for the sec ond group or round of tests. First, SpyBouncer was substituted for Spywa reNuker 200 4 SpywareNuker 2004 requires users to activate the product o nline. As SpywareNuker 2004 was uninstalled after the first round of tes ts, it ha d to be reactivated when it was reinstalled. TrekBlue's server refused t o activate, indicating that the registration number had already been use d to activate a copy of SpywareNuker 2004. At that point, SpyBo uncer wa s substituted for SpywareNuker 2004 for the second round of test s Secon d, as BPS Spyware & Adware Remover crashed at the beginning of remov als during the test, Tenebril SpyCatcher was tested on Oct. As before, the installed spyware and adware was broken d own into "critical detections, " 138 total for this third round. The anti -spyware scanners were then u nleashed on the PC to find and remove whate ver spyware and adware they could. Results Page # 6 One substitution was made in the anti-spyware sc anners used for the third group of tests. As ZeroSpyware 2004 froze at t he outset of removals dur ing the test, Tenebril SpyCatcher was tested i nstead and substituted for ZeroSpyware 2004. Notes Before moving to the test results pages, please read the information belo w about the tests t hemselves, esp. Top 25 Spyware and Adware" list, which is upd ated regul arly. The three tests documented here include all of the top 1 0 spyware /adware applications on the PC Pitstop list (as of Oct. The Tests: Desig n & Methodology The same testing process was used for both rounds of tes ts. Installation Before testing, all "anti-malware" protections were dis abled, including a ll resident "anti-malware" scanners, spyware "immuniz ations," custom bro wser security settings, and other system configurati ons designed to bloc k the installation or execution of "malware." The s pyware and adware was then installed from the internet. com, where a flu rry of ActiveX Warning boxes was encountered for automated installations of spyware and adware. No less than 7 different boxes were clicked thro ugh, initiating installation processes for around 25 different adware an d spyware applications. Although only 5 boxes were clicked through, 23 d ifferent adware and spyware programs were installed on the test PC as a result. After all significant hard drive and network activity had ceased , the PC was rebooted to allow the various installers to finish setup ac tivity. O nce that activity had completed and the installed software com ponents we re in a relatively "stable" state, the personal firewall inst alled on th e computer was configured to block all network traffic to pr event furthe r installations or changes. "Critical" Detections From thos e logs as well as from information gleaned by manual inspection of the h ard drive and Registry, a list of "critical" detections was gene rated, with each detection being assigned a unique ID (see below for det ails). DLL) * BHO-related Registry entries * toolbar-related Registry entries * browser setting-related Registry entries * browser extension-related R egistry entries * auto-start Registry entries These "critical" detection s comprise only a subset of the complete collec tion of files and Regist ry entries added to the test PC by the installed spyware and adware. As such, the test results reported here do not prov ide a complete picture of the performance of the anti-spyware applicatio ns tested. Nonetheless , these detections are "critical" because they constitute the most impor tant files and Registry entries installed by the spyware and a dware app lications that accompanied Grokster. These detections represent the chan ges that would most visible and/or important to users. Any good anti-spy ware application would necessarily have to succeed at detecting and remo ving a significant number of these files and Registry entries i n order to be considered useful or effective, even if it left a signific ant num ber of less important files and Registry keys -- that is to say, inert " junk" -- behind. Moreover, these "critical" detections do provide a usef ul measure of the performance of these anti-spyware applications because they test how wel l the programs: * find and remove files on the hard d rive * kill running processes and remove the associated files * correctl y uninstall BHOs, browser toolbars, and other browser extensi ons * find and remove Registry entries critical to the functioning of the s pyware and adware applications One significant aspect of these applications th at was tested only in the third round of tests, however, was how well th e applications remove Wins ock LSP hijacks (if removed incorrectly, the network connection of the P C may be broken). It should also be noted th at not all applications installed by the Grokst er setup program are rep resented in the detections for the first group o f tests. com are repres ented in the detections for the second group of tests. The same holds tr ue for t he programs installed during the third group of tests. Along wi th the list of "critical" detections, a full Registry backup and copy of all newly installed or changed files was archived. This Registry backup , combined with the archived files, was used to restore the test PC to a "newly installed" state before each anti-spyware scanner test. Scanning & Removal After the test PC had been restored to a "newly installed" st ate, each an ti-spyware application was allowed to scan and remove every instance of spyware and adware that it could find. Where possible, each scanner was configured to scan only the C-drive and the L-drive (contai ning the Temp orary Internet Files directory and main TEMP directory) on the test PC. Each scanner was also configured to perform a "full" or "d eep" scan of t he Registry. If the anti-spyware application requested a system reboot t o complete the detection and removal process, a reboot w as performed. In all cases the latest definitions databases available fo r the applicatio ns were used. Scan logs were archived when possible, th ough this was not always feasible. To check the performance of each anti -spyware scanner, a custom-built bat ch file was executed. This batch fi le generated a list of the "critical" files and Registry entries that we re not removed by the anti-spyware sc anner. In some cases anti-spyware scanners may have detected and attempt ed to remove certain files and Re gistry entries only to fail. As the bat ch file checked for "critical" d etections actually left in place at the conclusion of a scan, the test r esults reported here reflect only actual removals, not mere detections o r attempted removals. Finally, false pos itives were noted and reported when they were generated. Readers should be aware that in some cases ant i-spyware applications may not have removed the files and Registry entri es for particular adware or spyware progr...